<?php
	require_once('/ticket/ticket_functions.php');
	require_once('/email/email.php');
	require_once('globals.php');
?>
<!DOCTYPE html>
<html>
<head>
	<link href="style.css" rel="Stylesheet" type="text/css" />
</head>
<body>
	<div class="PostContainer">	
		<div class="Post">
			<div class="PostHeader">
				Reset Password
			</div>
			<div class="PostContent">
				<form action="reset_password.php" method="post">
					<p><h3>Enter your admin ID and email address to reset your password.</h3></p>
					
					<p>Admin ID: <input type="text" name="adminID"></p>
					<p>Email: <input style="width:300px;" type="text" name="email"></p>
					<p><input type="submit" name="resetSubmit" value="Reset Password"></p>
					<p><a href="login.php">Login</a></p>
				</form>
			</div>
		</div>
	</div>

<?php

	// echo generateRandomID(25) . "<br/>";
	if($_SERVER['REQUEST_METHOD'] == 'POST'):
		if(isset($_POST['resetSubmit'])):
			handlePost();				
		endif;
	elseif ($_SERVER['REQUEST_METHOD'] == 'GET'):
				
	endif;
	
	function handlePost()
	{
		$adminID = sanitizeStringKeepSpaces($_POST['adminID']);
		$adminEmail = sanitizeStringKeepSpaces($_POST['email']);
		if(!empty($_POST['adminID'] && !empty($_POST['email']))):
			if(adminIDemailPairExists($adminID, $adminEmail)):
				displayJavaScriptAlert("Pair matched.");
				$randomID = generateRandomID(25);
				insertRandomIDintoDatabase($randomID,$adminID);
				sendEmailToAdminWithLink($randomID, $adminID, $adminEmail);
			else:
				displayJavaScriptAlert("Pair did not match.");
			endif;
		else:
			displayJavaScriptAlert("Enter your admin ID and email.");
			// header("Location: reset_password.php");
		endif;
	}
	
	function sendEmailToAdminWithLink($randomID, $adminID, $adminEmail)
	{
		$sender = "proj3noreply@pitt.edu";
		$receiver = $adminEmail;
		$subject = "Reactivate Your Forgotten Password.";
		$message = 'Follow the link to reset your password:' . "\n\n" . 
					'localhost/proj3/new_password.php?id=' . $randomID;
		sendEmail($sender, $receiver, $subject, $message);
		echo "Check your email.<br/>";
	}
	
	function insertRandomIDintoDatabase($randomID, $adminID)
	{
		require('\private\mysqli_connect.php');
		$query = 	"insert into reset_password(user_id, random_id, redeemed)
					values ($adminID, $randomID, false)";
		//echo $query . "<br/>";
		$result = $db->query($query);
		if($result):
			// echo "success<br/>";
			return true;
		else:
			echo "failure: " . $db->error . "<br/>";
			return false;
		endif;
	}
	
	function generateRandomID($length)
	{
		$randomID = "";
		for($i = 0; $i < $length; $i++):
			$randomID .= rand(0,9);
		endfor;
		return $randomID;
	}
	
	function getThisAdminsEmailAddress()
	{
		require('\private\mysqli_connect.php');
		$query = 'select email from users where user_id = ' . $_SESSION['userID'];
		$result = $db->query($query);
		// echo "$query<br/>";
		if($result->num_rows > 0):
			// echo "ticket exists";
			$row = $result->fetch_array();
			return $row['email'];
		else:
			// echo "ticket does not exist";
			return null;
		endif;
	}
	
	function adminIDemailPairExists($adminID, $adminEmail)
	{
		require('\private\mysqli_connect.php');
		$query = "Select user_id from users where user_id = " . 
					$adminID . " and email = '" . $adminEmail . "' and is_admin = true";
		//echo $query . "<br/>";
		$result = $db->query($query);
		if($result->num_rows > 0):
			return true;
		else:
			return false;
		endif;
	}
?>